X-Git-Url: http://www.git.stargrave.org/?a=blobdiff_plain;f=lib%2FPublicInbox%2FSolverGit.pm;h=62b5a3439b2be772b004f13a5a8c2380a171f200;hb=23af251dd607c4e75ab1e68063f2c885c48cc035;hp=17a430606dfc64678583fd85a16b217a399213d8;hpb=b316f7541ec263fd04ea50530a1d500f43773299;p=public-inbox.git diff --git a/lib/PublicInbox/SolverGit.pm b/lib/PublicInbox/SolverGit.pm index 17a43060..62b5a343 100644 --- a/lib/PublicInbox/SolverGit.pm +++ b/lib/PublicInbox/SolverGit.pm @@ -1,21 +1,23 @@ -# Copyright (C) 2019 all contributors +# Copyright (C) 2019-2021 all contributors # License: AGPL-3.0+ # "Solve" blobs which don't exist in git code repositories by # searching inboxes for post-image blobs. # this emits a lot of debugging/tracing information which may be -# publically viewed over HTTP(S). Be careful not to expose +# publicly viewed over HTTP(S). Be careful not to expose # local filesystem layouts in the process. package PublicInbox::SolverGit; use strict; -use warnings; -use File::Temp 0.19 (); +use v5.10.1; +use File::Temp 0.19 (); # 0.19 for ->newdir use Fcntl qw(SEEK_SET); use PublicInbox::Git qw(git_unquote git_quote); -use PublicInbox::MsgIter qw(msg_iter msg_part_text); +use PublicInbox::MsgIter qw(msg_part_text); use PublicInbox::Qspawn; use PublicInbox::Tmpfile; +use PublicInbox::GitAsyncCat; +use PublicInbox::Eml; use URI::Escape qw(uri_escape_utf8); # POSIX requires _POSIX_ARG_MAX >= 4096, and xargs is required to @@ -33,24 +35,26 @@ my $OID_MIN = 7; # work fairly. Other PSGI servers may have trouble, though. my $MAX_PATCH = 9999; +my $LF = qr!\r?\n!; +my $ANY = qr![^\r\n]+!; +my $MODE = '100644|120000|100755'; +my $FN = qr!(?:("?[^/\n]+/[^\r\n]+)|/dev/null)!; +my %BAD_COMPONENT = ('' => 1, '.' => 1, '..' => 1); + # di = diff info / a hashref with information about a diff ($di): # { # oid_a => abbreviated pre-image oid, # oid_b => abbreviated post-image oid, # tmp => anonymous file handle with the diff, -# hdr_lines => arrayref of various header lines for mode information +# hdr_lines => string of various header lines for mode information # mode_a => original mode of oid_a (string, not integer), # ibx => PublicInbox::Inbox object containing the diff -# smsg => PublicInbox::SearchMsg object containing diff +# smsg => PublicInbox::Smsg object containing diff # path_a => pre-image path # path_b => post-image path # n => numeric path of the patch (relative to worktree) # } -# don't bother if somebody sends us a patch with these path components, -# it's junk at best, an attack attempt at worse: -my %bad_component = map { $_ => 1 } ('', '.', '..'); - sub dbg ($$) { print { $_[0]->{out} } $_[1], "\n" or ERR($_[0], "print(dbg): $!"); } @@ -68,115 +72,137 @@ sub ERR ($$) { die $err; } -# look for existing objects already in git repos +# look for existing objects already in git repos, returns arrayref +# if found, number of remaining git coderepos to try if not. sub solve_existing ($$) { my ($self, $want) = @_; + my $try = $want->{try_gits} //= [ @{$self->{gits}} ]; # array copy + my $git = shift @$try or die 'BUG {try_gits} empty'; my $oid_b = $want->{oid_b}; - my $have_hints = scalar keys %$want > 1; - my @ambiguous; # Array of [ git, $oids] - foreach my $git (@{$self->{gits}}) { - my ($oid_full, $type, $size) = $git->check($oid_b); - if (defined($type) && (!$have_hints || $type eq 'blob')) { - return [ $git, $oid_full, $type, int($size) ]; - } + my ($oid_full, $type, $size) = $git->check($oid_b); - next if length($oid_b) == 40; + # other than {oid_b, try_gits, try_ibxs} + my $have_hints = scalar keys %$want > 3; + if (defined($type) && (!$have_hints || $type eq 'blob')) { + delete $want->{try_gits}; + return [ $git, $oid_full, $type, int($size) ]; # done, success + } - # parse stderr of "git cat-file --batch-check" - my $err = $git->last_check_err; - my (@oids) = ($err =~ /\b([a-f0-9]{40})\s+blob\b/g); - next unless scalar(@oids); + # TODO: deal with 40-char "abbreviations" with future SHA-256 git + return scalar(@$try) if length($oid_b) >= 40; - # TODO: do something with the ambiguous array? - # push @ambiguous, [ $git, @oids ]; + # parse stderr of "git cat-file --batch-check" + my $err = $git->last_check_err; + my (@oids) = ($err =~ /\b([a-f0-9]{40,})\s+blob\b/g); + return scalar(@$try) unless scalar(@oids); - dbg($self, "`$oid_b' ambiguous in " . - join("\n\t", $git->pub_urls($self->{psgi_env})) - . "\n" . - join('', map { "$_ blob\n" } @oids)); - } - scalar(@ambiguous) ? \@ambiguous : undef; + # TODO: do something with the ambiguous array? + # push @ambiguous, [ $git, @oids ]; + + dbg($self, "`$oid_b' ambiguous in " . + join("\n\t", $git->pub_urls($self->{psgi_env})) + . "\n" . + join('', map { "$_ blob\n" } @oids)); + scalar(@$try); } sub extract_diff ($$) { my ($p, $arg) = @_; - my ($self, $diffs, $re, $ibx, $smsg) = @$arg; + my ($self, $want, $smsg) = @$arg; my ($part) = @$p; # ignore $depth and @idx; - my $hdr_lines; # diff --git a/... b/... - my $tmp; my $ct = $part->content_type || 'text/plain'; - my ($s, undef) = msg_part_text($part, $ct); - defined $s or return; - my $di = {}; + my $post = $want->{oid_b}; + my $pre = $want->{oid_a}; + if (!defined($pre) || $pre !~ /\A[a-f0-9]+\z/) { + $pre = '[a-f0-9]{7}'; # for RE below + } # Email::MIME::Encodings forces QP to be CRLF upon decoding, # change it back to LF: my $cte = $part->header('Content-Transfer-Encoding') || ''; + my ($s, undef) = msg_part_text($part, $ct); + defined $s or return; + delete $part->{bdy}; if ($cte =~ /\bquoted-printable\b/i && $part->crlf eq "\n") { $s =~ s/\r\n/\n/sg; } + $s =~ m!( # $1 start header lines we save for debugging: + + # everything before ^index is optional, but we don't + # want to match ^(old|copy|rename|deleted|...) unless + # we match /^diff --git/ first: + (?: # begin optional stuff: + + # try to get the pre-and-post filenames as $2 and $3 + (?:^diff\x20--git\x20$FN\x20$FN$LF) + + (?:^(?: # pass all this to git-apply: + # old mode $4 + (?:old\x20mode\x20($MODE)) + | + # new mode (possibly new file) ($5) + (?:new\x20(?:file\x20)?mode\x20($MODE)) + | + (?:(?:copy|rename|deleted| + dissimilarity|similarity)$ANY) + )$LF)* + + )? # end of optional stuff, everything below is required + + # match the pre and post-image OIDs as $6 $7 + ^index\x20(${pre}[a-f0-9]*)\.\.(${post}[a-f0-9]*) + # mode if unchanged $8 + (?:\x20(100644|120000|100755))?$LF + ) # end of header lines ($1) + ( # $9 is the patch body + # "--- a/foo.c" sets pre-filename ($10) in case + # $2 is missing + (?:^---\x20$FN$LF) + + # "+++ b/foo.c" sets post-filename ($11) in case + # $3 is missing + (?:^\+{3}\x20$FN$LF) + + # the meat of the diff, including "^\\No newline ..." + # We also allow for totally blank lines w/o leading spaces, + # because git-apply(1) handles that case, too + (?:^(?:[\@\+\x20\-\\][^\n]*|)$LF)+ + )!smx or return; + undef $s; # free memory + + my $di = { + hdr_lines => $1, + oid_a => $6, + oid_b => $7, + mode_a => $5 // $8 // $4, # new (file) // unchanged // old + }; + my $path_a = $2 // $10; + my $path_b = $3 // $11; + my $patch = $9; + + # don't care for leading 'a/' and 'b/' + my (undef, @a) = split(m{/}, git_unquote($path_a)) if defined($path_a); + my (undef, @b) = split(m{/}, git_unquote($path_b)); + + # get rid of path-traversal attempts and junk patches: + # it's junk at best, an attack attempt at worse: + foreach (@a, @b) { return if $BAD_COMPONENT{$_} } + + $di->{path_a} = join('/', @a) if @a; + $di->{path_b} = join('/', @b); + + my $path = ++$self->{tot}; + $di->{n} = $path; + open(my $tmp, '>:utf8', $self->{tmp}->dirname . "/$path") or + die "open(tmp): $!"; + print $tmp $di->{hdr_lines}, $patch or die "print(tmp): $!"; + close $tmp or die "close(tmp): $!"; - foreach my $l (split(/^/m, $s)) { - if ($l =~ $re) { - $di->{oid_a} = $1; - $di->{oid_b} = $2; - if (defined($3)) { - my $mode_a = $3; - if ($mode_a =~ /\A(?:100644|120000|100755)\z/) { - $di->{mode_a} = $mode_a; - } - } - - - # start writing the diff out to a tempfile - my $path = ++$self->{tot}; - $di->{n} = $path; - open($tmp, '>', $self->{tmp}->dirname . "/$path") or - die "open(tmp): $!"; - - push @$hdr_lines, $l; - $di->{hdr_lines} = $hdr_lines; - utf8::encode($_) for @$hdr_lines; - print $tmp @$hdr_lines or die "print(tmp): $!"; - - # for debugging/diagnostics: - $di->{ibx} = $ibx; - $di->{smsg} = $smsg; - } elsif ($l =~ m!\Adiff --git ("?[^/]+/.+) ("?[^/]+/.+)$!) { - last if $tmp; # got our blob, done! - - my ($path_a, $path_b) = ($1, $2); - - # diff header lines won't have \r because git - # will quote them, but Email::MIME gives CRLF - # for quoted-printable: - $path_b =~ tr/\r//d; - - # don't care for leading 'a/' and 'b/' - my (undef, @a) = split(m{/}, git_unquote($path_a)); - my (undef, @b) = split(m{/}, git_unquote($path_b)); - - # get rid of path-traversal attempts and junk patches: - foreach (@a, @b) { - return if $bad_component{$_}; - } + # for debugging/diagnostics: + $di->{ibx} = $want->{cur_ibx}; + $di->{smsg} = $smsg; - $di->{path_a} = join('/', @a); - $di->{path_b} = join('/', @b); - $hdr_lines = [ $l ]; - } elsif ($tmp) { - utf8::encode($l); - print $tmp $l or die "print(tmp): $!"; - } elsif ($hdr_lines) { - push @$hdr_lines, $l; - if ($l =~ /\Anew file mode (100644|120000|100755)$/) { - $di->{mode_a} = $1; - } - } - } - return undef unless $tmp; - close $tmp or die "close(tmp): $!"; - push @$diffs, $di; + push @{$self->{tmp_diffs}}, $di; } sub path_searchable ($) { defined($_[0]) && $_[0] =~ m!\A[\w/\. \-]+\z! } @@ -188,9 +214,9 @@ sub filename_query ($) { join('', map { qq( dfn:"$_") } split(/\.\./, $_[0])); } -sub find_extract_diffs ($$$) { +sub find_smsgs ($$$) { my ($self, $ibx, $want) = @_; - my $srch = $ibx->search or return; + my $srch = $ibx->isrch or return; my $post = $want->{oid_b} or die 'BUG: no {oid_b}'; $post =~ /\A[a-f0-9]+\z/ or die "BUG: oid_b not hex: $post"; @@ -199,8 +225,6 @@ sub find_extract_diffs ($$$) { my $pre = $want->{oid_a}; if (defined $pre && $pre =~ /\A[a-f0-9]+\z/) { $q .= " dfpre:$pre"; - } else { - $pre = '[a-f0-9]{7}'; # for $re below } my $path_b = $want->{path_b}; @@ -212,17 +236,8 @@ sub find_extract_diffs ($$$) { $q .= filename_query($path_a); } } - - my $msgs = $srch->query($q, { relevance => 1 }); - my $re = qr/\Aindex ($pre[a-f0-9]*)\.\.($post[a-f0-9]*)(?: ([0-9]+))?/; - my $diffs = []; - foreach my $smsg (@$msgs) { - $ibx->smsg_mime($smsg) or next; - my $mime = delete $smsg->{mime}; - msg_iter($mime, \&extract_diff, - [$self, $diffs, $re, $ibx, $smsg]); - } - @$diffs ? $diffs : undef; + my $mset = $srch->mset($q, { relevance => 1 }); + $mset->size ? $srch->mset_to_smsg($ibx, $mset) : undef; } sub update_index_result ($$) { @@ -247,19 +262,19 @@ sub prepare_index ($) { # no index creation for added files $oid_a =~ /\A0+\z/ and return next_step($self); - die "BUG: $oid_a not not found" unless $existing; + die "BUG: $oid_a not found" unless $existing; my $oid_full = $existing->[1]; my $path_a = $di->{path_a} or die "BUG: path_a missing for $oid_full"; - my $mode_a = $di->{mode_a} || extract_old_mode($di); + my $mode_a = $di->{mode_a} // '100644'; my $in = tmpfile("update-index.$oid_full") or die "tmpfile: $!"; print $in "$mode_a $oid_full\t$path_a\0" or die "print: $!"; $in->flush or die "flush: $!"; - sysseek($in, 0, 0) or die "seek: $!"; + sysseek($in, 0, SEEK_SET) or die "seek: $!"; dbg($self, 'preparing index'); - my $rdr = { 0 => fileno($in), -hold => $in }; + my $rdr = { 0 => $in }; my $cmd = [ qw(git update-index -z --index-info) ]; my $qsp = PublicInbox::Qspawn->new($cmd, $self->{git_env}, $rdr); $path_a = git_quote($path_a); @@ -278,14 +293,21 @@ sub do_git_init ($) { mkdir("$git_dir/$_") or die "mkdir $_: $!"; } open my $fh, '>', "$git_dir/config" or die "open git/config: $!"; - print $fh <<'EOF' or die "print git/config $!"; + my $first = $self->{gits}->[0]; + my $fmt = $first->object_format; + my $v = defined($$fmt) ? 1 : 0; + print $fh <', "$git_dir/HEAD" or die "open git/HEAD: $!"; @@ -307,15 +329,6 @@ EOF prepare_index($self); } -sub extract_old_mode ($) { - my ($di) = @_; - if (join('', @{$di->{hdr_lines}}) =~ - /^old mode (100644|100755|120000)\b/) { - return $1; - } - '100644'; -} - sub do_finish ($) { my ($self) = @_; my ($found, $oid_want) = @$self{qw(found oid_want)}; @@ -452,6 +465,7 @@ sub apply_result ($$) { if ($nxt && oids_same_ish($nxt->{oid_b}, $di->{oid_b})) { dbg($self, $msg); dbg($self, 'trying '.di_url($self, $nxt)); + return do_git_apply($self); } else { ERR($self, $msg); } @@ -472,7 +486,7 @@ sub do_git_apply ($) { my $patches = $self->{patches}; # we need --ignore-whitespace because some patches are CRLF - my @cmd = (qw(git -C), $dn, qw(apply --cached --ignore-whitespace + my @cmd = (qw(git apply --cached --ignore-whitespace --unidiff-zero --whitespace=warn --verbose)); my $len = length(join(' ', @cmd)); my $total = $self->{tot}; @@ -483,7 +497,7 @@ sub do_git_apply ($) { my $i = ++$self->{nr}; $di = shift @$patches; dbg($self, "\napplying [$i/$total] " . di_url($self, $di) . - "\n" . join('', @{$di->{hdr_lines}})); + "\n" . $di->{hdr_lines}); my $path = $di->{n}; $len += length($path) + 1; push @cmd, $path; @@ -491,8 +505,8 @@ sub do_git_apply ($) { } while (@$patches && $len < $ARG_SIZE_MAX && !oids_same_ish($patches->[0]->{oid_b}, $prv_oid_b)); - my $rdr = { 2 => 1 }; - my $qsp = PublicInbox::Qspawn->new(\@cmd, $self->{git_env}, $rdr); + my $opt = { 2 => 1, -C => $dn, quiet => 1 }; + my $qsp = PublicInbox::Qspawn->new(\@cmd, $self->{git_env}, $opt); $self->{-cur_di} = $di; $self->{-qsp} = $qsp; $qsp->psgi_qx($self->{psgi_env}, undef, \&apply_result, $self); @@ -509,22 +523,108 @@ sub di_url ($$) { defined($url) ? "$url$mid/" : "<$mid>"; } +sub retry_current { + my ($self, $want) = @_; + push @{$self->{todo}}, $want; + next_step($self); # retry solve_existing +} + +sub try_harder ($$) { + my ($self, $want) = @_; + + # do we have more inboxes to try? + return retry_current($self, $want) if scalar @{$want->{try_ibxs}}; + + my $cur_want = $want->{oid_b}; + if (length($cur_want) > $OID_MIN) { # maybe a shorter OID will work + delete $want->{try_ibxs}; # drop empty arrayref + chop($cur_want); + dbg($self, "retrying $want->{oid_b} as $cur_want"); + $want->{oid_b} = $cur_want; + return retry_current($self, $want); # retry with shorter abbrev + } + + dbg($self, "could not find $cur_want"); + eval { done($self, undef) }; + die "E: $@" if $@; +} + +sub extract_diffs_done { + my ($self, $want) = @_; + + delete $want->{try_smsgs}; + delete $want->{cur_ibx}; + + my $diffs = delete $self->{tmp_diffs}; + if (scalar @$diffs) { + unshift @{$self->{patches}}, @$diffs; + dbg($self, "found $want->{oid_b} in " . join(" ||\n\t", + map { di_url($self, $_) } @$diffs)); + + # good, we can find a path to the oid we $want, now + # lets see if we need to apply more patches: + my $di = $diffs->[0]; + my $src = $di->{oid_a}; + + unless ($src =~ /\A0+\z/) { + # we have to solve it using another oid, fine: + my $job = { oid_b => $src, path_b => $di->{path_a} }; + push @{$self->{todo}}, $job; + } + return next_step($self); # onto the next todo item + } + try_harder($self, $want); +} + +sub extract_diff_async { + my ($bref, $oid, $type, $size, $x) = @_; + my ($self, $want, $smsg) = @$x; + if (defined($oid)) { + $smsg->{blob} eq $oid or + ERR($self, "BUG: $smsg->{blob} != $oid"); + PublicInbox::Eml->new($bref)->each_part(\&extract_diff, $x, 1); + } + + scalar(@{$want->{try_smsgs}}) ? retry_current($self, $want) + : extract_diffs_done($self, $want); +} + sub resolve_patch ($$) { my ($self, $want) = @_; + my $cur_want = $want->{oid_b}; if (scalar(@{$self->{patches}}) > $MAX_PATCH) { die "Aborting, too many steps to $self->{oid_want}"; } + if (my $msgs = $want->{try_smsgs}) { + my $smsg = shift @$msgs; + if ($self->{psgi_env}->{'pi-httpd.async'}) { + return ibx_async_cat($want->{cur_ibx}, $smsg->{blob}, + \&extract_diff_async, + [$self, $want, $smsg]); + } else { + if (my $eml = $want->{cur_ibx}->smsg_eml($smsg)) { + $eml->each_part(\&extract_diff, + [ $self, $want, $smsg ], 1); + } + } + + return scalar(@$msgs) ? retry_current($self, $want) + : extract_diffs_done($self, $want); + } + # see if we can find the blob in an existing git repo: - my $cur_want = $want->{oid_b}; - if ($self->{seen_oid}->{$cur_want}++) { + if (!$want->{try_ibxs} && $self->{seen_oid}->{$cur_want}++) { die "Loop detected solving $cur_want\n"; } - if (my $existing = solve_existing($self, $want)) { + $want->{try_ibxs} //= [ @{$self->{inboxes}} ]; # array copy + my $existing = solve_existing($self, $want); + if (ref $existing) { my ($found_git, undef, $type, undef) = @$existing; dbg($self, "found $cur_want in " . - join("\n", $found_git->pub_urls($self->{psgi_env}))); + join(" ||\n\t", + $found_git->pub_urls($self->{psgi_env}))); if ($cur_want eq $self->{oid_want} || $type ne 'blob') { eval { done($self, $existing) }; @@ -533,40 +633,22 @@ sub resolve_patch ($$) { } mark_found($self, $cur_want, $existing); return next_step($self); # onto patch application + } elsif ($existing > 0) { + return retry_current($self, $want); + } else { # $existing == 0: we may retry if inbox scan (below) fails + delete $want->{try_gits}; } # scan through inboxes to look for emails which results in # the oid we want: - foreach my $ibx (@{$self->{inboxes}}) { - my $diffs = find_extract_diffs($self, $ibx, $want) or next; - - unshift @{$self->{patches}}, @$diffs; - dbg($self, "found $cur_want in ". - join("\n\t", map { di_url($self, $_) } @$diffs)); - - # good, we can find a path to the oid we $want, now - # lets see if we need to apply more patches: - my $di = $diffs->[0]; - my $src = $di->{oid_a}; - - unless ($src =~ /\A0+\z/) { - # we have to solve it using another oid, fine: - my $job = { oid_b => $src, path_b => $di->{path_a} }; - push @{$self->{todo}}, $job; - } - return next_step($self); # onto the next todo item + my $ibx = shift(@{$want->{try_ibxs}}) or die 'BUG: {try_ibxs} empty'; + if (my $msgs = find_smsgs($self, $ibx, $want)) { + $want->{try_smsgs} = $msgs; + $want->{cur_ibx} = $ibx; + $self->{tmp_diffs} = []; + return retry_current($self, $want); } - if (length($cur_want) > $OID_MIN) { - chop($cur_want); - dbg($self, "retrying $want->{oid_b} as $cur_want"); - $want->{oid_b} = $cur_want; - push @{$self->{todo}}, $want; - return next_step($self); # retry with shorter abbrev - } - - dbg($self, "could not find $cur_want"); - eval { done($self, undef) }; - die "E: $@" if $@; + try_harder($self, $want); } # this API is designed to avoid creating self-referential structures; @@ -586,7 +668,7 @@ sub new { } # recreate $oid_want using $hints -# hints keys: path_a, path_b, oid_a +# hints keys: path_a, path_b, oid_a (note: `oid_b' is NOT a hint) # Calls {user_cb} with: [ ::Git object, oid_full, type, size, di (diff_info) ] # with found object, or undef if nothing was found # Calls {user_cb} with a string error on fatal errors @@ -605,7 +687,7 @@ sub solve ($$$$$) { $self->{todo} = [ { %$hints, oid_b => $oid_want } ]; $self->{patches} = []; # [ $di, $di, ... ] $self->{found} = {}; # { abbr => [ ::Git, oid, type, size, $di ] } - $self->{tmp} = File::Temp->newdir("solver.$oid_want-XXXXXXXX", TMPDIR => 1); + $self->{tmp} = File::Temp->newdir("solver.$oid_want-XXXX", TMPDIR => 1); dbg($self, "solving $oid_want ..."); if (my $async = $env->{'pi-httpd.async'}) {